CVE-2022-48470

Published: Dec 28, 2024Modified: Dec 9, 2025

4.0

Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

Exploitability: 1.4 / Impact: 2.5

Source: psirt@huawei.com (Secondary)

Description

Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.(Vulnerability ID:HWPSIRT-2022-42291) This vulnerability has been assigned a (CVE)ID:CVE-2022-48470

Affected (1)

Products: Huawei: Hilink Ai Life

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Huawei Hilink Ai Life	Version 12.0.2.305

Related CWEs

Authentication Bypass by Primary Weakness

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

References (1)

https://www.huawei.com/en/psirt/security-advisories/2023/huawei-sa-iabvihhalp-ea34d670-en

Source: psirt@huawei.com

Vendor Advisory

Timeline

No history available yet.